Rest Assured Interview Questions

1. Can you explain RequestSpecification request = RestAssured.given(); ?

• RequestSpecification is an interface in the RestAssured library that defines the request
specification for an HTTP request. It allows you to specify things like the HTTP method (GET,
POST, etc.), headers, parameters, and authentication details for the request.

• RestAssured.given() is a static method that returns an instance of RequestSpecification

• This implementation is based on the Builder pattern, which allows you to easily construct an
HTTP request by chaining method calls.

2. How can you send a request body/payload for a POST request?

• To send a request body or payload for a POST request using RestAssured, you can use the body()
method on the RequestSpecification object.
• Snippet:

RequestSpecification request = RestAssured.given();

request.header("Content-Type", "application/json");
request.body("{ \"name\": \"Jatin\", \"age\": 30 }");
Response response = request.post("/api/users");

Explanation:

• In this example, we first create an instance of RequestSpecification using RestAssured.given().

• we set the Content-Type header to application/json using the header() method.
• then request body using the body() method, passing a JSON string as the argument.
• And we then a POST request to the end point “api/users”

Test Automation Academy

Jatin Shharma
3. What are the types of Status codes?
• HTTP status codes are three-digit numbers that indicate the outcome of an HTTP request. There
are five categories of status codes, each with a different range of values:
• Informational (1xx): These status codes indicate that the request has been received and is being
processed. Examples include 100 (Continue) and 102 (Processing).
• Success (2xx): These status codes indicate that the request was successfully received,
understood, and accepted. Examples include 200 (OK), 201 (Created), and 204 (No Content).
• Redirection (3xx): These status codes indicate that the client must take additional action to
complete the request. Examples include 301 (Moved Permanently), 302 (Found), and 307
(Temporary Redirect).
• Client Error (4xx): These status codes indicate that there was an error on the client side of the
request. Examples include 400 (Bad Request), 401 (Unauthorized), and 404 (Not Found).
• Server Error (5xx): These status codes indicate that there was an error on the server side of the
request. Examples include 500 (Internal Server Error), 502 (Bad Gateway), and 503 (Service
Unavailable).

4. What is REST?:
• REST stands for Representational State Transfer, which is an architectural style for designing
web services. It is a set of guidelines and constraints that define how web services should be
designed and operated.

• At its core, REST is based on a client-server model, where the client sends requests to the
server, and the server sends responses back to the client. These requests and responses are
typically sent over HTTP, using standard HTTP methods like GET, POST, PUT, and DELETE.

Test Automation Academy

Jatin Shharma
5. What is GET Method?
• The GET method is one of the standard HTTP methods used for retrieving resources from a
server. It is used to request data from a specified resource, using a URL-encoded query string.

• When a client sends a GET request to a server, it is asking the server to return a representation
of the specified resource. The server will then search for the requested resource, and if found,
will send a response back to the client containing the requested data.

6. What is POST Method?

• The POST method is one of the standard HTTP methods used for submitting data to a server. It is
used to send data to a server to create or update a resource.

• When a client sends a POST request to a server, it includes a request body that contains the data
to be submitted. The server will then process the request body, and either create a new
resource or update an existing one, depending on the specific API.

7. What is PUT Method?

• The PUT method is one of the standard HTTP methods used for updating a resource on a server.
It is used to send data to a server to update an existing resource.

• When a client sends a PUT request to a server, it includes a request body that contains the data
to be updated. The server will then process the request body, and update the specified resource
with the new data.

8. What is DELETE Method?

• The DELETE method is one of the standard HTTP methods used for deleting a resource on a
server. It is used to send a request to a server to delete the specified resource.

• When a client sends a DELETE request to a server, it includes a URL that specifies the resource to
be deleted. The server will then process the request and delete the specified resource.

9. What is HEAD method?

• The HEAD method is one of the standard HTTP methods used for retrieving metadata about a
resource, without actually retrieving the resource itself. It is similar to the GET method, but
instead of returning the entire response body, it only returns the HTTP headers for the resource.

• When a client sends a HEAD request to a server, the server will process the request and send
back a response that includes only the HTTP headers for the specified resource, without the
actual content of the resource.

Test Automation Academy

Jatin Shharma
10. What is OPTIONS method?
• The OPTIONS method is one of the standard HTTP methods used for retrieving information
about the communication options available for a resource. It is used to determine the HTTP
methods that can be used to interact with the resource, as well as the supported request and
response formats.

• When a client sends an OPTIONS request to a server, the server will process the request and
send back a response that includes a list of HTTP methods that can be used to interact with the
resource, as well as other communication options.

11. How to use Basic authentication in automation?

• Basic authentication is a simple authentication mechanism that involves sending a base64-
encoded username and password in the HTTP headers of a request

RestAssured.baseURI = "http://example.com/api";
RestAssured.authentication = basic("username", "password");

Response response = given()

.when()
.get("/users");

System.out.println(response.getBody().asString());

• Remember:
• Basic authentication is not considered a very secure method of authentication, as the username
and password are transmitted in plaintext over the network, making them susceptible to
interception and eavesdropping.

• While the password is base64-encoded, it is not encrypted, and an attacker with access to the
network traffic can easily decode the password and gain access to the system.

• For this reason, it is generally recommended to use other more secure authentication
mechanisms, such as OAuth or JSON Web Tokens (JWT).

Test Automation Academy

Jatin Shharma
12. How do you extract the values of JSON and how do you validate response?
• In RestAssured, you can extract values from JSON responses using the JsonPath class. Here's an
example:

Response response = RestAssured.get("/api/users");

String firstName = response.jsonPath().getString("data[0].first_name");

int userId = response.jsonPath().getInt("data[0].id");

System.out.println("First name: " + firstName);

System.out.println("User ID: " + userId);

Test Automation Academy

Jatin Shharma